RAID-0: A block-level striping without parity or mirroring and has no redundancy, no fault-tolerance, no error checking, and a greater risk of data loss. However, because of its low overhead and parallel write strategy, it is the fastest in performance for both reading and writing. As the data is written to the drive, it is divided up into sequential blocks, and each block is written to the next available drive in the array. RAID-0 parameters include a minimum of two disks. The space efficiency is 1 and it has a zero fault tolerance disk.

RAID-1: Mirroring without parity or striping and offers the highest level of redundancy because there are multiple complete copies of the data at all times (supports disk shadowing and disk duplexing). Because it maintains identical copies on separate drives, RAID-1 is slow in write performance and fast read performance, and it can survive multiple (N-1) drive failures. This means, if N is three, two drives could fail without incurring data loss. RAID-1 parameters include a minimum of two disks. The space efficiency is 1/N, and it has a (N-1) fault tolerance disks.

RAID-2: Bit-level striping with dedicated hamming-code parity. RAID-2 parameters include a minimum of three disks; space efficiency is (1- 1/N). Log2 (N-1), and recover from one disk failure. A minimum of three disks must be present for parity to be used for fault tolerance because the parity is an error protection scheme.

RAID-3: Byte-level striping with dedicated parity. RAID-3 parameters include a minimum of three disks. The space efficiency is (1- 1/N), and it has one fault tolerance disk.

RAID-4: A block-level striping with dedicated parity. RAID-4 parameters include a minimum of three disks. The space efficiency is (1- 1/N), and one fault tolerance disk.

RAID-5: A block-level striping with distributed parity. It combines the distributed form of redundancy with parallel disk access. It provides high read-and-write performance, including protection against drive failures. The amount of storage space is reduced due to the parity information taking 1/N of the space, giving a total disk space of (N-1) drives where N is the number of drives. A single drive failure in the set can result in reduced performance of the entire set until the failed drive has been replaced and rebuilt. A data loss occurs in the event of a second drive failure. RAID-5 parameters include a minimum of three disks. The space efficiency is (1- 1/N) and it has one fault tolerance disk.

RAID-6: A block-level striping with double distributed parity providing fault tolerance from two drive failures and is useful for high-availability systems. Double parity gives time to rebuild the array without the data being at risk if a single additional drive fails before the rebuild is complete. RAID-6 parameters include a minimum of four disks. The space efficiency is (1- 2/N). It has two fault tolerance disks and two parity disks.

Reference monitor

(1) A security engineering term for IT functionality that (i) controls all access, (ii) is small, (iii) cannot be bypassed, (iv) is tamper-resistant, and (v) provides confidence that the other four items are true. (2) The concept of an abstract machine that enforces Target of Evaluation (TOE) access control policies. (3) Useful to any system providing multilevel secure computing facilities and controls.

Reference monitor concept

An access control concept referring to an abstract machine that mediates all access to objects (e.g., a file or program) by subjects (e.g., a user or process). It is a design concept for an operating system to assure secrecy and integrity.

Reference validation mechanism

An implementation of the reference monitor concept. A security kernel is a type of reference validation mechanism. To be effective in providing protection, the implementation of a reference monitor must be (1) tamper-proof, (2) always invoked, and (3) simple and small enough to support the analysis and tests leading to a high degree of assurance that it is correct.

Referential integrity

A database has referential integrity if all foreign keys reference existing primary keys.

Reflection attack

Occurs when authentication is based on a shared secret key and by breaking a challenge-response protocol with multiple sessions opened at the same time. A countermeasure against reflection attacks is to prove the user identity first so that protocol is not subject to the reflection attack.

Reflector attack

A host sends many requests with a spoofed source address to a service on an intermediate host. The service used is typically a user datagram protocol (UDP) based, which makes it easier to spoof the source address successfully. Attackers often use spoofed source addresses because they hide the actual source of the attack. The host generates a reply to each request and sends these replies to the spoofed address. Because the intermediate host unwittingly performs the attack, that host is known as a reflector. During a reflector attack, a DoS could occur to the host at the spoofed address, the reflector itself, or both hosts.

Registration

The process through which a party applies to become a subscriber of a credential service provider (CSP) and a registration authority (RA) validates the identity of that party on behalf of the CSP.

Registration authority (RA)

A trusted entity that establishes and vouches for the identity of a subscriber to a credential service provider (CSP). The RA’s organization is responsible for assignment of unique identifiers to registered objects. The RA may be an integral part of a CSP, or it may be independent of a CSP, but is has a relationship to the CSP(s).

Regrade

Data is regraded when information is transferred from high to low or from low to high network data and users. Automated techniques such as processing, filtering, and blocking are used during data regrading.

Regression testing

A method to ensure that changes to one part of the software system do not adversely impact other parts.

Rekey

The process used to replace a previously active cryptographic key with a new key that was created completely and independently of the old key.

Related-key cryptanalysis attack

These attacks choose a relation between a pair of keys but do not choose the keys themselves. These attacks are independent of the number of rounds of the cryptographic algorithm.

Relay station (WMAN/WiMAX)

A relay station (RS) is a subscriber station (SS) that is configured to forward traffic to other stations in a multi-hop security zone.

Release

The process of moving a baseline configuration item between organizations, such as from software vendor to customer. The process of returning all unused disk space to the system when a dataset is closed at the end of processing.

Reliability

(1)The extent to which a computer program can be expected to perform its intended function with the required precision on a consistent basis. (2) The probability of a given system performing its mission adequately for a specified period of time under the expected operating conditions.

Relying party

An entity that relies upon the subscriber’s credentials or verifier’s assertion of an identity, typically to process a transaction or grant access to information or a system.

Remanence

The residual information that remains on a storage medium after erasure or clearing.

Remedial maintenance

Hardware and software maintenance activities conducted by individuals communicating external to an information system security perimeter or through an external, nonorganization-controlled network (for example, the Internet).